Android App "Mercari" (Japan version) vulnerable to arbitrary method execution of the Java object

Overview Android App "Mercari" Japan version provided by Mercari, Inc. contains vulnerability that an arbitrary Java method execution CWE-749 due to inadequate restrictions on addJavascriptInterface of WebView class. Taichi Kotake of Akatsuki Inc. reported this vulnerability to IPA. JPCERT/CC...

SAP Fiori Client Code Execution Vulnerability (CNVD-2019-04899)

SAP Fiori Client is a client program from SAP Germany for running the SAP Fiori Launchpad on mobile devices. A code execution vulnerability exists in SAP Fiori Client, which can be exploited by an attacker with the help of a malicious application to execute JavaScript code in the SAP Fiori...

Multiple Adobe Products JavaScript API Out-of-Bounds Memory Write Vulnerability

Adobe Acrobat DC for Windows and Macintosh and so on are the United States of America Odobie Adobe company based on Windows and Macintosh platform products.Adobe Acrobat DC for Windows and Macintosh is a desktop version of the PDF solution; Acrobat Reader DC for Windows and Macintosh is a set of...

JavaScript API Memory Misreference Vulnerability in Multiple Adobe Products

Acrobat DC Continuous Track and so on are the products of the United States Ordoby Adobe.Acrobat DC Continuous Track is a desktop version of the continuous update of the PDF solution.Reader DC Continuous Track is a continuous update of the PDF reading tool version. JavaScript API is one of the...

CVE-2017-16419

An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The issue is a stack exhaustion problem within the JavaScript API, where the computation does not...

132 Google Play Apps Booted For Having Malicious IFrames

Google removed 132 apps infected with malicious iFrames from its Google Play store after security researchers discovered a development platform used to create the apps was infected with malware and in turn compromised the apps. Palo Alto Networks’ Unit 42 researchers said the apps were infected...

The vulnerability of Adobe Reader software allows a malicious individual to compromise the confidentiality of protected information.

The vulnerability exists in Adobe Reader due to the incorrect implementation of the JavaScript API. Exploiting this vulnerability allows malicious actors, operating remotely, to gain access to confidential information through a specially crafted PDF document...

The vulnerabilities of PDF viewer programs such as Adobe Reader, Adobe Reader Document Cloud, and PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat allow attackers to circumvent restrictions imposed by JavaScript APIs.

The vulnerabilities of PDF viewer programs such as Adobe Reader, Adobe Reader Document Cloud, and PDF editing programs like Adobe Acrobat Document Cloud are related to lack of access control mechanisms. Exploiting these vulnerabilities can allow a malicious actor to bypass restrictions on the...

CVE-2016-1117

Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerabili...

CVE-2016-1039

Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerabili...

CVE-2016-1038

Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerabili...

Adobe Acrobat Reader DC Restriction Bypass Vulnerability (CNVD-2016-03130)

Adobe Acrobat Reader DC is the United States of America Odooby Adobe company's set of tools for viewing, printing and annotating PDF. A security vulnerability exists in Adobe Acrobat Reader DC that allows an attacker to bypass restrictions on the Javascript API executable...

Updated iceape/sqlite3 packages fix security vulnerabilities

Updated iceape packages fix security issues. The sqlite3 package has been updated as well since the new iceape version requires the SQLITEENABLEDBSTATVTAB feature to be enabled in sqlite. This sqlite3 update also enables ICU support, fixing bug 16814 . Use-after-free vulnerability in the...

Adobe Acrobat/Reader Javascript API Execution Bypass Vulnerability (CNVD-2015-06693)

Adobe Reader/Acrobat is a popular application for working with PDF files. An execution bypass vulnerability exists in Adobe Reader/Acrobat. Allows an attacker to construct a malicious PDF file and trick the user into parsing it, which can bypass Javascript API execution restrictions...

Adobe Acrobat/Reader Javascript API Execution Bypass Vulnerability (CNVD-2015-06717)

Adobe Reader/Acrobat is a popular application for working with PDF files. An unspecified security bypass vulnerability exists in Adobe Reader/Acrobat. The vulnerability allows an attacker to construct a malicious PDF file and trick the user into parsing it, which could bypass Javascript API...

Adobe Acrobat/Reader Javascript API Execution Bypass Vulnerability (CNVD-2015-06723)

Adobe Reader/Acrobat is a popular application for working with PDF files. An unspecified security bypass vulnerability exists in Adobe Reader/Acrobat. The vulnerability allows an attacker to construct a malicious PDF file and trick the user into parsing it, which could bypass Javascript API...

Adobe Acrobat/Reader Javascript API Execution Bypass Vulnerability (CNVD-2015-06719)

Adobe Reader/Acrobat is a popular application for working with PDF files. An unspecified security bypass vulnerability exists in Adobe Reader/Acrobat. The vulnerability allows an attacker to construct a malicious PDF file and trick the user into parsing it, which could bypass Javascript API...

Adobe Acrobat/Reader Javascript API Execution Bypass Vulnerability (CNVD-2015-06692)

Adobe Reader/Acrobat is a popular application for working with PDF files. An unspecified security vulnerability exists in Adobe Reader/Acrobat. The vulnerability allows attackers to construct malicious PDF files and trick users into parsing them, which can bypass Javascript API execution...

Adobe Acrobat/Reader Javascript API Execution Bypass Vulnerability (CNVD-2015-06697)

Adobe Reader/Acrobat is a popular application for working with PDF files. An execution bypass vulnerability exists in Adobe Reader/Acrobat. Allows an attacker to construct a malicious PDF file and trick the user into parsing it, which can bypass Javascript API execution restrictions...

The vulnerability of the Adobe Reader PDF viewer program allows a hacker to circumvent access restrictions.

The vulnerability of the Adobe Reader PDF viewer program is related to security configuration errors. Exploiting this vulnerability could allow a malicious actor to bypass restrictions on access to the JavaScript API...